IN THE CLAIMS

What is claimed is: 

1. (Currently Amended) A method for transmitting data according to a
signature-based protocol comprising: 

generating, at a server, a signature corresponding to a signature block, 
the signature block having a covered data portion and an information object 
portion, the server conversant in a predetermined protocol and the signature and 
signature block being conformant with the predetermined protocol; 

storing, at the server, the signature in the signature block; 

transmitting to a [illegible] client also conversant in the predetermined
protocol, the signature block, the remote [illegible] the signature block
further operable to store in the information object portion, payload data in a
nondestructive manner, the nondestructive manner operable to preserve the
covered data portion and corresponding signature without regenerating the
signature, storing in the information object portion further comprising storing
the payload data at [illegible] client, the client being unencumbered by
signature generation operability, the signature [illegible]

2. (Original) The method of claim 1 wherein the signature block further 
includes a signature value portion, the signature value portion operable to store 
the signature as an authentication indicator according to the predetermined 
protocol, wherein storing further comprises storing the signature in the signature 
value portion. 

3. (Original) The method of claim 1 wherein the signature block further 
includes a key information portion, further comprising storing an authentication 
indicator to a validation instrument in the key information portion, the validation
instrument operable to authenticate the signature value portion using the 
signature. 

4. (Original) The method of claim 3 wherein the validation instrument 
corresponds to an inverse operation of the generating of the signature. 

5. (Canceled) 

6. (Original) The method of claim 1 wherein storing the payload data further 
comprises generating a transmission block conformant with the predetermined 
protocol and operable to be received as a signature authenticated transmission 
by a destination node according to the predetermined protocol. 

7. (Original) The method of claim 1 wherein generating the signature further 
comprises generating a signature corresponding to the covered data portion of 
the signature block. 

8. (Original) The method of claim 1 further comprising computing a digest on 
the covered data portion, the digest substantially indicative of the data in the 
covered data portion. 

9. (Original) The method of claim 3 wherein the validation instrument is a 
public key and generating the signature further comprises generating a signature 
using the private key corresponding to the public key. 

10. (Currently Amended) A method for transmitting data from a nonsigning
client according to a signature-based protocol, comprising: 

receiving a signature block and a signature corresponding to the signature 
block, the signature block having a covered data portion corresponding to the 
signature, and an information object portion, the receiving performed by a
nonsigning client which does not compute the signature and is unencumbered by 
components operable to compute the signature, the receiving client conversant in 
a predetermined protocol and the signature and signature block being 
conformant with the predetermined protocol; 

storing, in the information object portion of the signature block, payload 
data in a nondestructive manner, the nondestructive manner operable to 
preserve the covered data portion and the corresponding signature without 
regenerating the signature; and 

transmitting, according to the predetermined protocol, the signature block 
to a recipient destination conversant in the predetermined protocol, the 
information object portion included in the signature block according to the 
predetermined protocol, the [illegible] to a private key employed in generating
the signature, the [illegible] key thus providing a self-authentication message
for [illegible] destination.

11. (Original) The method of claim 10 wherein the signature block further
includes a signature value portion, the signature value portion operable to store 
the signature as an authentication indicator deterministic of the signature 
according to the predetermined protocol. 

12. (Original) The method of claim 10 wherein the signature block further 
includes a key information portion operable to store an authentication indicator to 
a validation instrument, the validation instrument operable to authenticate the 
signature value portion using the signature. 

13. (Original) The method of claim 10 wherein the receiving is performed by a 
nonsigning client which does not compute the signature and is unencumbered by 
components operable to compute the signature. 



U.S. Application No.: 10/664,613 Attorney Docket No.: SUN03-06(P9621) 

14. (Original) The method of claim 10 wherein receiving the signature further 
comprises indexing a remote signature repository, and the client is further 
operable to store the received signature in the signature block according to the 
predetermined protocol. 

15. (Original) The method of claim 10 further comprising 

receiving an authentication instrument corresponding to the signature, and 
storing the received authentication instrument in the signature block with 
the signed information portion and the signature. 

16. (Original) The method of claim 15 wherein the received authentication 
instrument is a public key corresponding to the private key for generating the 
signature, and storing further comprising forming a self-signed message by 
storing the public key in the key information portion. 

17. (Original) The method of claim 13 further comprising: 
receiving, at the nonsigning client, a plurality of signatures and
corresponding covered data portions;

selecting a first signature for inclusion in a first signature message for 
transmission to a destination recipient; 

selecting a second signature different than the first signature for inclusion 
in a second signature message for transmission to the same destination 
recipient. 

18. (Original) The method of claim 17 wherein selecting the first and second 
signatures is performed based on signature selection logic, the signature 
selection logic for analyzing the covered data portion and the information object 
portion of the signature message to select an expected signature result at the 
destination recipient. 

19. (Original) The method of claim 18 wherein the signature selection logic is
operable for analyzing the covered data portion based on at least one of the 
content type, size, creation date, and sparsity of the data. 

20. (Currently Amended) A data communications device for transmitting data 
according to a signature-based protocol comprising: 

a cryptographic engine operable to generate a signature corresponding to 
a signature block, the signature block having a covered data portion and an 
information object portion, the server conversant in a predetermined protocol and 
the signature and signature block being conformant with the predetermined 
protocol; 

a metalanguage processor conversant in the predetermined protocol and 
operable to store the signature in the signature block, the signature block further 
including a signature value portion, the metalanguage processor further operable 
to store, in the signature value portion, authentication indicators according to the 
predetermined protocol, wherein storing further comprises storing the signature 
in the signature value portion; and 

an interface in the data communications device operable to transmit, 
according to the predetermined protocol, the signature block to a client 
conversant in the predetermined protocol, the signature block further operable to 
receive and store, in the information object portion, payload data in a 
nondestructive manner, the nondestructive manner operable to preserve the 
covered data portion and corresponding signature without regenerating the 
signature [illegible] script having fields defined by a [illegible]
metalanguage syntax defining, the [illegible] the predetermined [illegible]


21. (Canceled) 

22. (Original) The data communications device of claim 20 wherein the
signature block further includes a key information portion, the cryptographic 
engine further operable to store a validation instrument in the key information 
portion, the validation instrument operable to authenticate the signature. 

23. (Original) The data communications device of claim 22 wherein the 
validation instrument corresponds to an inverse operation of the generating of the 
signature. 

24. (Original) The data communications device of claim 20 wherein the 
metalanguage processor is further operable to generate the signature block 
having the information object portion, the information object portion further 
operable for storing the payload data at the client unencumbered by signature 
generation operability. 

25. (Original) The data communications device of claim 20 wherein the 
signature block is adapted for storing the payload data by the client to generate a 
signature message transmission block of data conformant with the 
predetermined protocol and operable to be received as a signature authenticated 
transmission by a destination node according to the predetermined protocol. 

26. (Original) The data communications device of claim 20 wherein the 
cryptographic engine is further operable to generate the signature corresponding 
to the covered data portion of the signature block. 

27. (Original) The data communications device of claim 20 wherein the 
cryptographic engine is further operable to compute a digest on the covered data 
portion, the digest substantially indicative of the data in the covered data portion. 

28. (Original) The data communications device of claim 20 wherein the
validation instrument is a public key and generating the signature further 
comprises generating a signature using the private key corresponding to the 
public key. 

29. (Currently Amended) A method for transmitting data in a network system 
according to a signature-based protocol comprising: 

identifying, at a server, data adapted for cryptographic transmission;

computing a digest on the identified data, the digest substantially 
indicative of the identified data; 

building, according to a cryptographic scripting language, a 
signature block, the signature block having a signed data portion, a signature 
value portion, a key information portion, and at least one information object 
portion, the signature value portion operable to store the signature as an 
authentication indicator according to the predetermined protocol, further 
comprises storing the signature in the signature value portion; 

storing the identified data in the signed data portion of a signature block; 

retrieving, from a public key infrastructure (PKI) a public and private key 
pair operable for cryptographic operations; 

generating, at a server, a signature value from the private key 
corresponding to the computed digest, the signature substantially unrecreatable 
by data other than the computed digest; 

storing the signature value in the signature value portion of the signature 
block, the signature value portion and corresponding signature value persisting 
as a signature block according to the predetermined protocol including the 
payload data portion; 

storing the public key corresponding to the private key in the key 
information portion to provide a self-authenticating transmission; and 

transmitting, according to the predetermined protocol, the signature block
to a client also conversant in the scripting language and operable to store 
payload data in the information object portion independently of the signature 
value portion, storing in the information object portion further comprises storing 
the payload data at a client, the client being unencumbered by signature 
generation operability, the signature block [illegible] predetermined
metalanguage syntax [illegible] position of the [illegible] block receivable by
a recipient device conversant [illegible] the message.

30. (Previously Presented) The method of claim 29 wherein the scripting 
language is operable to incorporate signature components such that the scripting 
language is operable with signing capability when signature components are 
available and operable without signing capability when signature components are 
unavailable, further comprising: 

identifying the signature value portion from a subset of available 
fields in the signature block, the signature value corresponding to the identified 
subset and the remaining available fields independent of the signature value; 

identifying, from the remaining available fields, payload data portions 
operable for subsequent storage of data independent of the signature value and 
the signature value portion. 

31. (Original) The method of claim 29 further comprising a system for 
signature use by a nonsigning client, the nonsigning client unencumbered from 
cryptographic operation components, comprising: 

at the client, identifying payload data adapted for storage in the 
information object portions according to the scripting language independent of 
the signature value; and 

storing the identified payload data in the information object portions in a
nondestructive manner, the nondestructive manner operable to preserve the 
covered data portion and corresponding signature without regenerating the 
signature, the client unencumbered and inoperable to encrypt and decrypt the 
signed data. 
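
An added illustration, not part of the application or its claims: the flow of claims 29 and 31 in Python, showing that a recipient's check of the signature value reads only the covered data portion, so whatever a nonsigning client stores in the information object portion is not itself authenticated. The dictionary layout, the field and function names, and the constructed toy RSA key are assumptions made for this sketch.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes so the sketch runs with
# the standard library alone. It is far too small to be secure and only stands
# in for the PKI key pair the claims refer to.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent; never leaves the server


def digest(covered: str, n: int) -> int:
    """SHA-256 digest of the covered data portion, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(covered.encode()).digest(), "big") % n


def server_build_block(covered: str) -> dict:
    """Server: sign the covered portion only; the information object stays empty."""
    return {
        "covered_data": covered,
        "signature_value": pow(digest(covered, N), D, N),
        "key_info": {"n": N, "e": E},  # public key, i.e. the validation instrument
        "information_object": None,    # not an input to the digest
    }


def client_store_payload(block: dict, payload: str) -> dict:
    """Nonsigning client: fill the information object, copy everything else as is."""
    return {**block, "information_object": payload}


def recipient_verify(block: dict) -> bool:
    """Recipient: check the signature value against the covered portion."""
    n, e = block["key_info"]["n"], block["key_info"]["e"]
    return pow(block["signature_value"], e, n) == digest(block["covered_data"], n)


if __name__ == "__main__":
    block = server_build_block("order-form v1")          # constructed sample data
    sent = client_store_payload(block, "qty=3")
    swapped = client_store_payload(block, "qty=3000")
    tampered = {**sent, "covered_data": "order-form v2"}
    print(recipient_verify(sent), recipient_verify(swapped), recipient_verify(tampered))
```

Both payloads verify because the recipient's check never reads the information object; anything stored there needs its own integrity protection if the recipient is to rely on it.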

32. (Currently Amended) A computer program product having an encoded set 
of processor based instructions defined as computer program code on a 
computer readable storage medium operable to store computer program logic 
embodied in computer program code encoded thereon for transmitting data from 
a nonsigning client according to a signature-based protocol, comprising: 

computer program code for receiving a signature block and a signature 
corresponding to the signature block, the signature block having a covered data 
portion corresponding to the signature, and an information object portion, the 
receiving client conversant in a predetermined protocol and the signature and 
signature block being conformant with the predetermined protocol; 

computer program code for storing, in the information object portion of the 
signature block, payload data in a nondestructive manner, the nondestructive 
manner operable to preserve the covered data portion and the corresponding 
signature without regenerating the signature, wherein storing in the information 
object portion further comprises storing the payload data at a client, the client 
being unencumbered by signature generation operability; and 

computer program code for transmitting, according to the predetermined 
protocol, the signature block to a recipient destination conversant in the 
predetermined protocol, the information object portion included in the signature 
block according to the predetermined protocol, wherein the signature block 
further includes a signature value portion, the signature value portion operable to 
store the signature as an authentication indicator according to the predetermined 
protocol, wherein storing further comprises storing the signature in the signature 
value portion 

33. (Currently Amended) An encoded set of processor based instructions
defined as program code on a computer readable storage medium for 
transmitting data from a nonsigning client according to a signature-based 
protocol, comprising: 

program code for receiving a signature block and a signature 
corresponding to the signature block, the signature block having a covered data 
portion corresponding to the signature, and an information object portion, the 
receiving client conversant in a predetermined protocol and the signature and 
signature block being conformant with the predetermined protocol; 

program code for storing, in the information object portion of the signature 
block, payload data in a nondestructive manner, the nondestructive manner 
operable to preserve the covered data portion and the corresponding signature 
without regenerating the signature, storing in the information object portion 
further comprising storing the payload data at a client, the client being 
unencumbered by signature generation operability; and 

program code for transmitting, according to the predetermined protocol, 
the signature block to a recipient destination conversant in the predetermined 
protocol, the information object portion included in the signature block according 
to the predetermined protocol, the signature block further including a signature 
value portion, the signature value portion operable to store the signature as an 
authentication indicator according to the predetermined protocol, wherein storing 
further comprises storing the signature in the signature value portion, the 
signature value portion and corresponding signature value persisting as a 
signature block according to the predetermined protocol including the payload 
data portion.

34. (Currently Amended) A data communications device for transmitting data
according to a signature-based protocol comprising: 

means for receiving a signature block and a signature corresponding to 
the signature block, the signature block having a covered data portion 
corresponding to the signature, and an information object portion, the receiving 
client conversant in a predetermined protocol and the signature and signature 
block being conformant with the predetermined protocol; 

means for storing, in the information object portion of the signature block, 
payload data in a nondestructive manner, the nondestructive manner operable to 
preserve the covered data portion and the corresponding signature without 
regenerating the signature, the means for storing in the information object portion 
further comprising means for storing the payload data at a client, the client being 
unencumbered by signature generation operability; and 

means for transmitting, according to the predetermined protocol, the 
signature block to a recipient destination conversant in the predetermined 
protocol, the information object portion included in the signature block according 
to the predetermined protocol, the signature block further including a signature 
value portion, the signature value portion operable to store the signature as an 
authentication indicator according to the predetermined protocol, wherein storing 
further comprises storing the signature in the signature value portion, the
[illegible]

35. (New) The method of claim 1 further comprising:

generating, at the server, a set of predetermined signatures operable for 
insertion in a message conformant to the predetermined protocol; 

storing, in a signature repository at the server, a bank of signatures 
including the set of predetermined signatures; and 

transmitting, responsive to a request from the nonsigning client, a 
signature from the bank of signatures for insertion in a signature block in
conjunction with a payload. 



